The Node.js SDK (@lyel/lyel-pay-node) is designed for server-side environments. Use it to create payment intents from your backend, retrieve their status, and validate incoming webhook events.
Installation
Requires Node.js 18+ (uses native fetch and crypto).
Initialization
You can also pass options:
| Parameter | Type | Required | Description |
|---|
secretKey | string | ✅ | Your secret API key |
options.baseUrl | string | ❌ | API base URL. Defaults to https://api.lyelpay.com |
Payment Intents
paymentIntents.create(params)
Creates a payment intent. Use this to initiate a payment from your server before showing the checkout to your user.
Parameters:
| Field | Type | Required | Description |
|---|
amount | string | ✅ | Amount in smallest unit (e.g. '5000' = 5,000 XAF) |
currency | 'XAF' | 'XOF' | ✅ | Transaction currency |
description | string | ❌ | Human-readable description |
metadata | Record<string, unknown> | ❌ | Custom key-value pairs (e.g. order ID, customer ID) |
Returns: PaymentIntent
paymentIntents.retrieve(sessionToken)
Retrieves the current status of a payment intent using its session token.
Use retrieve() to poll the status if you’re not using webhooks. For production, webhooks are strongly preferred.
Webhooks
Validates an incoming webhook event and returns the parsed event object. Throws if the signature is invalid or the timestamp is too old (> 5 minutes).
You must use a raw body (not parsed JSON) for signature validation to work. Using express.json() before this middleware will break the signature check.
Signature format:
The lyel-signature header contains:
t — Unix timestamp of when the event was sent
v1 — HMAC-SHA256 signature of {timestamp}.{payload}
Webhook event types:
| Type | Description |
|---|
payment.completed | Payment was successfully processed |
payment.failed | Payment attempt failed |
payment.expired | Payment intent expired before completion |
Error handling
The SDK throws standard Error objects with an added statusCode property:
Full example: SaaS billing flow